Bugtraq mailing list archives
Re: BellaBiblio Admin Login Bypass
From: security curmudgeon <jericho () attrition org>
Date: Fri, 7 Dec 2007 02:23:35 +0000 (UTC)
: BellaBiblio Admin Login Bypass : : SCRIPT: BellaBiblio : : DOWNLOAD: http://www.jemjabella.co.uk/scripts/BellaBiblio.zip : : AUTHOR: ilker kandemir <ilkerkandemir[at]mynet.com> : : Bug in;(admin.php) : if (isset($_COOKIE['bellabiblio'])) { : if ($_COOKIE['bellabiblio'] == md5($admin_name.$admin_pass.$secret)) { : if (isset($_GET['ap'])) $page = $_GET['ap']; else $page = ""; : : EXPLOIT: : : Set your cookie: bellabiblio=administrator http:/site.com/admin.php : And you have full admin access As discussed on VIM, this and several of your other postings are all incorrect or have caveats for them to work. http://attrition.org/pipermail/vim/2007-July/001733.html http://attrition.org/pipermail/vim/2007-July/001736.html http://attrition.org/pipermail/vim/2007-July/001745.html Regarding your phpWebFileManager posting, also false: http://attrition.org/pipermail/vim/2007-July/001744.html
Current thread:
- Re: BellaBiblio Admin Login Bypass security curmudgeon (Dec 07)